package com.woniuxy.shirospring.config;

import com.woniuxy.shirospring.realm.UserRealm;
import org.apache.shiro.authc.credential.CredentialsMatcher;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.LinkedHashMap;
import java.util.Map;

/**
 * @author linke
 * @version 1.0
 * @className: ShiroConfiguration
 * @description: shiro配置类
 * @date 2021/11/20 10:05
 */
@Configuration
public class ShiroConfiguration {
    /**
     * 配置凭证匹配器
     *
     * @return hashedCredentialsMatcher hash凭证匹配器
     */
    @Bean
    public HashedCredentialsMatcher hashedCredentialsMatcher() {
        HashedCredentialsMatcher hashedCredentialsMatcher =
                new HashedCredentialsMatcher();
        //迭代次数
        hashedCredentialsMatcher.setHashIterations(3);
        //加密规则
        hashedCredentialsMatcher.setHashAlgorithmName("MD5");
        return hashedCredentialsMatcher;
    }
    /**
     * 配置自定义Realm   凭证匹配器
     *
     * @return userRealm
     */
    @Bean
    public UserRealm userRealm(CredentialsMatcher credentialsMatcher) {
        UserRealm userRealm = new UserRealm();
        //设置凭证匹配器
        userRealm.setCredentialsMatcher(credentialsMatcher);
        return userRealm;
    }


    /**
     * 配置安全管理
     * 配置类使用另一个bean,就直接声明成参数
     *
     * @param userRealm 自定义的realm
     * @return defaultWebSecurityManager 安全管理器
     */
    @Bean
    public DefaultWebSecurityManager defaultWebSecurityManager(UserRealm userRealm) {
        DefaultWebSecurityManager defaultWebSecurityManager =
                new DefaultWebSecurityManager();
        defaultWebSecurityManager.setRealm(userRealm);
        return defaultWebSecurityManager;
    }

    /**
     * Web中整合Shiro底层是靠    过滤器
     *
     * @param defaultWebSecurityManager 安全管理器
     * @return shiroFilterFactoryBean  shiro过滤工Bean
     */
    @Bean
    public ShiroFilterFactoryBean shiroFilterFactoryBean(
            DefaultWebSecurityManager defaultWebSecurityManager) {
        ShiroFilterFactoryBean shiroFilterFactoryBean =
                new ShiroFilterFactoryBean();
        //设置安全管理
        shiroFilterFactoryBean.setSecurityManager(defaultWebSecurityManager);
        //配置过滤规则,多个过滤规则，
        //优先级顺序：先定义的优先级规则高，必须保证顺序   linkedHashMap
        Map<String, String> filtermap = new LinkedHashMap<String, String>();
        //所有请求，运行匿名访问   不拦截直接放行
        //filtermap.put("/**", "anon");
        //设置登录页面放行
        filtermap.put("/user/doLogin", "anon");
        filtermap.put("/css/**", "anon");
        filtermap.put("/user/logout", "logout");
        //配置授权信息
        //filtermap.put("/user/add", "perms[user:add]");
        //filtermap.put("/user/delete", "perms[user:delete]");
        //所有请求，认证以后才能访问
        filtermap.put("/**", "authc");
        //设置没有通过认证的用户，重定向到指定的页面(默认是index.jsp)
        shiroFilterFactoryBean.setLoginUrl("/login.html");
        //设置没有授权信息跳转的页面
        shiroFilterFactoryBean.setUnauthorizedUrl("/unauthorizedUrl.html");
        shiroFilterFactoryBean.setFilterChainDefinitionMap(filtermap);
        return shiroFilterFactoryBean;
    }




}
